Description
MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.
Published: 2026-04-16
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Read system files
Action: Patch
AI Analysis

Impact

The flaw is a CRLF Injection vulnerability (CWE-93) in Openfind MailAudit and MailGates that allows unauthenticated remote attackers to inject carriage return and line feed characters into input, causing the server to interpret them as header delimiters and enabling the reading of arbitrary system files the server can access.

Affected Systems

Affected versions of Openfind MailAudit and MailGates are 6.0 through 6.1.10.054 and 5.0 through 5.2.10.099; the vendor recommends upgrading to 6.1.10.054 or later on the 6.x line, or to 5.2.10.099 or later on the 5.x line.

Risk and Exploitability

Based on the description, the attack appears to hinge on sending crafted HTTP requests that embed CRLF sequences in user input. The flaw scores 8.7 on CVSS, indicating high severity, but EPSS data is unavailable and the issue is not listed in CISA’s KEV catalog. The ability to read system files can expose configuration, credentials or other privileged data, potentially allowing an attacker to elevate privileges or launch further attacks. Prompt patching is essential.

Generated by OpenCVE AI on April 16, 2026 at 08:59 UTC.

Remediation

Vendor Solution

MailGates/MailAudit 6.0: Update to version 6.1.10.054 or later
MailGates/MailAudit 5.0: Update to version 5.2.10.099 or later


OpenCVE Recommended Actions

  • Upgrade to at least 6.1.10.054 for 6.x releases or 5.2.10.099 for 5.x releases
  • Apply server‑side input validation to reject CRLF characters in all user‑supplied fields that influence HTTP headers
  • Restrict remote access to the application from trusted networks and monitor logs for anomalous request patterns

Generated by OpenCVE AI on April 16, 2026 at 08:59 UTC.

Tracking


Advisories

No advisories yet.

History

Thu, 16 Apr 2026 13:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 16 Apr 2026 04:15:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Openfind; Openfind mailaudit; Openfind mailgates

Type: Vendors & Products
Values Removed: (none)
Values Added: Openfind; Openfind mailaudit; Openfind mailgates

Thu, 16 Apr 2026 02:45:00 +0000

Type: Description
Values Added: MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.

Type: Title
Values Added: Openfind|MailGates/MailAudit - CRLF Injection

Type: Weaknesses
Values Added: CWE-93

Type: References
Values Added: (none listed)

Type: Metrics
Values Added: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
Values Added: cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Openfind Mailaudit Mailgates
MITRE

Status: PUBLISHED

Assigner: twcert

Published:

Updated: 2026-04-16T13:02:24.951Z

Reserved: 2026-04-15T11:32:32.176Z

Link: CVE-2026-6351

Vulnrichment

Updated: 2026-04-16T13:02:21.783Z

NVD

Status: Awaiting Analysis

Published: 2026-04-16T03:16:31.053

Modified: 2026-04-17T15:38:09.243

Link: CVE-2026-6351

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T09:00:05Z

Weaknesses